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DETAILED ACTION 

This is in response to the Applicant's response filed on November 21 , 2007. 
Claims 1 - 29, where Claims 1,15, and 26 are in independent form, are presented for 
examination. 

Claim Objections 

Regarding the objections to Claims 1,15, and 26, the Applicant amended the 
claims as suggested by Examiner. Examiner withdraws the objections. 

Response to Arguments 

Applicant's arguments filed November 21, 2007 have been fully considered but 
they are not persuasive. Applicant argued: 

a) Neither Vaid nor Clark disclose a method, system or gateway for 
monitoring and controlling data transfer in communication networks in 
which data transfer is monitored and/or controlled, and specifically in 
which bandwidth available to user terminals is dynamically controlled in 
real time, on the basis of an authenticated IP address and an 
authenticated user; 

b) One skilled in the art at the time of the invention would not have applied 
the authentication process of Clark to Vaid invention 

Examiner respectfully disagrees with applicant's assertions. 
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1 . With regards to a), Clark specifically discloses of authenticating the user by 
requesting a user ID and password prior to assigning an IP address to the user (Col. 4, 
Lines 17, 29-39). 

2. With regards to b), it would have been obvious to one skilled in the art to 
combine the teachings of Vaid and Clark. Vaid specifically discloses the need to 
regulate bandwidth based to "provide more valued applications and users with more 
reliable and faster service. Less critical applications and users are provided with a 
service level that is. appropriate" (Col. 3, Lines 30-34; emphasis added). Therefore, the 
type of user needs to be identified to differentiate the quality of service provided 
(bandwidth) to that user. Furthermore, the "priorities of clients, servers, and URLs 
hosted in the user's network or servers" (Co. 14, Lines 62-63; emphasis added) are 
taken into consideration when developing traffic policies. Therefore, it would have been 
obvious to one skilled in the art that user preferences or user distinction is necessary 
and disclosed in Vaid and to combine the additional teachings in Clark to the Vaid 
invention. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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Claims 1 - 7, 11, 15 - 17, 21 - 26, and 28 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over U.S. Patent 6,078,953, invented by Aseem Vaid et al. 
(hereinafter referenced as "Vaid"), in view of U.S. Patent 6,442,588 B1, invented 
by Clark et al. (hereinafter referenced as "Clark"). 

3. Regarding Claims 1,15, and 26 , Vaid discloses of a method and system of 
monitoring and controlling data transfer between a user terminal coupled to a first 
communication network (Abstract; Fig. 1; method and system for controlling traffic and 
monitoring such traffic to ensure a quality of service within the communication network) 
and a second communication network , said first communication network coupled to said 
second communication network, via a gateway and a firewall (Abstract; Figs. 1 and 5; 
network includes firewall server and traffic management tool coupled to the firewall 
server which are between the LAN and Internet). The disclosed system and method 
also simultaneously monitors at the firewall the transfer of data between the user 
terminal and the second communication network (Col. 10, Lines 29-36; continuous 
traffic management cycle that includes monitoring phase) and dynamically controls real 
time bandwidth available to the user terminal (Col. 18; Lines 46-51; real-time monitoring 
and controlling of traffic). Vaid also discloses that the traffic management is 
implemented using rule-based techniques within the firewall (Col. 3, Lines 38-40). 
However, Vaid does not specifically disclose that the user sends an access request to 
the gateway from the user terminal requiring access to the second communication 
network or that the gateway reads the access request and modifies at least one access 
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rule in the firewall to permit access for the user terminal requesting access based on an 
authenticated IP address of the user terminal requesting access. 

Clark discloses a method and system of monitoring and controlling data transfer 
between communication networks where the user sends an access request to the 
gateway from the user terminal requiring access to the second communication network 
(Fig. 2; Col. 3, Lines 20-22; user requests access to online services or internet). Clark 
also discloses that the gateway reads the access request and modifies at least one 
access rule in the firewall to permit access for the user terminal requesting access 
based on an authenticated IP address of the user terminal requesting access, where the 
authenticated IP address includes authentication of a user (Col. 4, Lines 17, 29-39; user 
requested for authentication of ID and password, then IP address is assigned to user 
and authenticated to access the services requested). It would be obvious to one skilled 
in the art to apply the authentication process disclosed in Clark to the invention 
disclosed in Vaid. Requiring authentication of each user terminal limits the number of 
unauthorized users that are allowed to communicate and utilize the limited bandwidth 
within the communication system. This allows a communication system to better 
allocate the provided bandwidth and meet certain requirements or quality of service 
policies requested by the user. 

4. Regarding Claims 2, 25, and 28 , Vaid, in new of Clark, discloses all the 
limitations of Claims 1,15, and 26 as stated above. Vaid further discloses that the 
dynamic control of bandwidth available to the user terminals occurs whilst maintaining 
communication of the user terminal with the second communication network (Col. 17, 
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Lines 27-31, 35-38, and 40-48; combination of flow control and queuing is used to 
dynamically change bandwidth varying on the demand requested by the user while 
keeping the user connected). 

5. Regarding Claims 3, 4, 21, and 22 , Vaid, in view of Clark, discloses all the 
limitations of Claims 1 and 15 above. Vaid further discloses of restricting the bandwidth 
regardless of when it is allocated to a single user terminal or a plurality of user terminals 
(Fig. 1; Col. 3, Lines 21-26, 34-35; single point of access to monitor and control 
communication traffic either at a one computer terminal or a firewall connected to 
multiple users). 

6. Regarding Claims 5 and 24 , Vaid, in view of Clark, discloses all the limitations of 
Claims 1 and 15 above. Vaid further discloses that the bandwidth is restricted for 
uploading data and/or downloading data (Col. 12; Lines 59-61). 

7. Regarding Claim 6 , Vaid, in view of Clark, discloses all the limitations of Claim 1 
above. Vaid further discloses that the restricted bandwidth is allocated to one or more 
terminals for a prescribed time period (Col. 10, Lines 37-39; monitor and control 
activities at various times). 

8. Regarding Claim 7 , Vaid, in view of Clark, discloses all the limitations of Claim 1 
above. Vaid further discloses that a restricted bandwidth is allocated to one or more 
terminals on the basis of a priority status allocated to the one or more terminals or a 
user account (Col. 10, Lines 44-46, 49-52). 

9. Regarding Claims 11 and 23 , Vaid, in view of Clark, discloses all the limitations 
of Claims 1 and 15 above. Vaid further discloses of controlling the access of a user 
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terminal to the second communication network from a management terminal coupled to 
the first communication network and restricting bandwidth to a user account (Col. 13, 
Lines 1-5, and 32-43; FAIR module controls the bandwidth by parameters such as 
class, session, burst, packet, and others; class examples include IP address, subnet 
mask, destination, etc.). 

10. Regarding Claims 16 - 18 , Vaid, in view of Clark, discloses all the limitations of 
Claim 15 above. Vaid further discloses that both the firewall and gateway can be 
comprised in a single machine (Fig. 1; Col. 6, Lines 6-8) or in different machines (Fig. 4, 
5, and 6; Col. 9, Lines 8-1 1 and 60-65; tool can be stand-alone at the WAN access point 
as a conventional firewall with a separate gateway). 

Claims 8 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Vaid, in view of Clark, and in further view of U.S. Patent 6,272,127 B1, 
invented by Michael E. Golden (hereinafter referenced as "Golden"). 

1 1 . Regarding Claims 8 and 19 , Vaid, in view of Clark, discloses all the limitations of 
Claims 1 and 15 as stated above. Neither Vaid nor Clark, however, specifically 
discloses that the user terminal can be authenticated by the gateway using an 
encryption/decryption process. 

Golden discloses the use of data encryption/decryption to securely transmit and 
receive data within a packet-switched communication system (Col. 15, Lines 32-36 and 
49-56). It would be obvious to one skilled in the art to use the encryption/decryption 
process to authenticate the user terminal that requested access to the second 
communication network. Instead of requesting authentication of a user terminal via user 
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ID and password, the system itself can automatically authenticate the user terminal via 
the encryption keys encapsulating the transmitted data. This provides the system the 
ability to authenticate via software and remove the need of authenticating the 
communication terminal through human participation. 

Claims 9, 10, 12 - 14, 20, 27, and 29 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Vaid, in view of Clark, and in further view of U.S. Appl. 
2002/0026503 A1, filed by Samuel Bendinelli et al. (hereinafter referenced as 
"Bendinelli"). 

12. Regarding Claims 9, 10. 20. 27, and 29 . Vaid, in view of Clark, discloses all the 
limitations of Claims 1,15, and 26 as stated above. Vaid further discloses that the 
traffic monitoring and controlling tool based on traffic classes, which can be but not 
limited to, IP addresses, subnet, network, time, protocol, network, etc. (Col. 13, Lines 
33-43). Vaid also disclosed that the traffic tool is the single point to manage and control 
traffic from one communication network to another (Fig. 1 ; Col. 3, Lines 21-26). Neither 
Vaid nor Clark, however, specifically discloses that all ports of access of one or more 
user terminals are monitored or that these port can be enabled and/or disabled. 

Bendinelli discloses the use of additional parameters to filter the packets that are 
allowed to pass through the firewall, which include protocol, ports, and direction (Pg. 22, 
Para. 0243). It would be obvious to one skilled in the art to monitor and control the 
ports of access on a user terminal. Doing so provides additional measures of 
controlling and filtering content, which can be categorized into various traffic classes, to 
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collaborate with the traffic policies and traffic rules that maintain and effectively utilize 
the bandwidth available to the communication network. 

13. Regarding Claims 12 - 14 , Vaid, in view of Clark, discloses all the limitations of 
Claim 1 as stated above. Vaid nor Clark, however, specifically discloses monitoring the 
period of time a user terminal has access to the second communication network, 
quantity of data a user terminal uploads and/or downloads, or the cost to a user having 
access to the second network. 

Bendinelli discloses the monitoring between the gateway and base network 
bandwidth statistics, including quantity of data from each terminal and time intervals of 
user access to the bandwidth (Figs. 42-44; Pg. 32, Para. 0388, 0389, and 0392). 
Bendinelli further discloses the method of determining the cost to the user having 
access to the second communication network (Fig. 29; Pg. 34, Para. 0356). It would be 
obvious to one skilled in the art to include such statistics to better monitor the usage in 
various terminals and also by various users. Monitoring both time intervals and quantity 
of bandwidth access allows the system to predict future uses of bandwidth and better 
accommodate for quality of service and user demands on the network bandwidth. 
Additionally, the ability to determine the cost of a user terminal to access the second 
communication network would also be obvious to implement to adjust the priorities of 
various users. Users can pay a higher premium for higher percentages of the 
bandwidth and for higher quality of service requirements for the various services they 
are accessing within the second communication network. 



Application/Control Number: Page 10 

10/519,263 

Art Unit: 2153 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tae K. Kim, whose telephone number is (571) 270- 
1979. The examiner can normally be reached on Monday - Friday (8:00 AM - 5:00 PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glenton B. Burgess, can be reached on (571) 272-3949. The fax phone 
number for submitting all Official communications is (703) 872-9306. The fax phone 
number for submitting informal communications such as drafts, proposed amendments, 
etc., may be faxed directly to the examiner at (571) 270-2979. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
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published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at (866) 217-9197 (toll-free). 
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